Docstoc

PPP ON LINE Health Insurance Card_ Alenka Jerse

Document Sample
PPP ON LINE Health Insurance Card_ Alenka Jerse Powered By Docstoc
					ON-LINE HEALTH INSURANCE CARD SYSTEM
                        IN SLOVENIA




       Alenka Jerše, office of Information commissioner, Slovenia
       Urban Brulc, office of Information commissioner, Slovenia
• National health insurance card system implemented since 2000
• Slovenia one of the first European countries to introduce national
  system of health care insurance card
• 2.061.659 e-health insurance cards are in use and 20.607
  professional cards (as of 31.12.2007).
• The e-health care card is the only valid document in Slovenia for
  exercising the rights arising from health insurance
                                        .


                                   Health Care
                                    Provider          Health Care
               Health Care
                                                       Provider
                Provider

                                                                     Provides
     Provide data                                                    data and
    on commercial                                                    financing
      (optional)                HEALTH INSURANCE
      insurance
                              INSTITUTE OF SLOVENIA
                                                                          Provides
                                                                          general
Commercial Insurance                                                      personal
    Company                                                                 data
    Commercial Insurance
        Company
                                  Patient
                                                       Central Registry
       Commercial Insurance         Patient
           Company
                                            Patient
                                                  Simultaneous use   PROFESSIONAL CARD
                  PERSONAL                                            (belongs to health care
              INSURANCE CARD                                                  personnel)
             (belongs to a patient)




                                                                              Personal
    “Fresh” data is stored on IC at                                       insurance card
                                                  CARD READER
    SELFSERVICE TERMINALS                                                is a BEARER OF
     provided by HEALTH INSURANCE                                           PERSONAL
          INSTITUTE OF SLOVENIA
(Patient needs to validate IC every 3 months)                                   DATA
                                                                          = personal data
                                                SOFTWARE SUPPORT
                                                                            is stored on
                                                                         microprocessor
      E-health insurance card system

• The system stores personal data off-line

• Data visible on the card: name, family name, date of
  birth, card number, individual’s health insurance number

• Other data accessible from microprocessor (16 kB of
  memory)
        E-health insurance card system
Data accessible from microprocessor (16 kB of memory):
• data on card holder (name, address, sex, date of birth);
• data on health insurance payer – legal or natural person (registration
  number, purpose of insurance, address, type of payer of the
  insurance);
• data on obligatory health insurance (validity);
• data on voluntary health insurance (insurance company, type of
  insurance, validity);
• data on chosen personal doctor (general practitioner/pediatrician,
  dentist, gynecologist);
• data on medical accessories prescribed;
• data on voluntary decision to be cell or tissue donor post mortem;
• data on medicines prescribed.
                               OFF-LINE
                            ACCESS to a
IDENTIFICATION              limited number of
  of a patient*             personal data***


        CHECKING           Identification data
                           data on health insurance payer
     VALIDITY of           data on obligatory and optional
                          health insurance
     health insurance**    data on personal doctor(s)
                           data on tissue donation
                            data on prescribed medicines
                          and medical accessories
SOME QUESTIONS ARISING FROM USAGE OF OLD IC

                                                                      of IC holder.
                                     complete due   to lack of photo
                  ation with IC is in
• *  The identific
                        This can lead to
                                         a illegal use or m
                                                            isuse of IC.
                                                 in practice?
                   sent a sig nificant problem                                NO
  Does that repre


                                                               tion, but:
                          alth care in a h  ealth care institu
• **    Patient seeks he
                               ged IC or
           -c omes with dama
                                       d it at home or
           - claims that could not fin
                              s not work.
           - card reader doe                                     ss patient’s
                                         tuti on can not acce
                      Health care insti                                              YES
                       e data.
      health insuranc
                                                                           necessary data
                                      n have the righ    t to access the
      Does a healt  h care institutio          Slovenia in som
                                                                   e other way?
                              e Institute of
      from  Health Insuranc
      SOME QUESTIONS ARISING FROM USAGE OF OLD IC

                                                                              holder,
                                                     e prescrib  ed to a card
                                   dic ines that wer                     lated to
                    ata on all me                          medicines re
*** IC includes d
                        tment re lated medicin
                                                 es AND
                                                         f HIV pati ent or psych
                                                                                  iatric
  inclu ding HIV trea                 ta o n diagnosis o                data on
                  IC tr eatment. Da             ho has a  ccess to the           nt they
   PSYCHIATR                      to anyone w                     what treatme
                       revealed                         to know
   patient could be          ple do not   want anyone           Health Care
                                                                              Act nor
                   any peo                            Field of
   medicines. M            . Managin    g Data in the         e this.
   were p  articipating in            lution in the cases lik
                   do not offer a so
    Rules on IC
                           t do?
    W hat  can a patien                                    Based on the opinion of
                                                         Commission of medical
                                                          ethics the patient can
                                                          decide whether he/she
                                                        wants these sensitive data
                                                         to be processed or not!
                       Personal insurance card is NOT
                        A BEARER of personal data
           (personal data is NOT stored on microprocessor) =
   PERSONAL INSURANCE CARD becomes a KEY to access the data
                          stored in central database


                                DIRECT ACCESS
DATABSE processed by
                                                        HEALTH CARE
HEALTH INSURANCE
                                                           PROVIDER
  INSTITUTE OF
     SLOVENIA
      SOME QUESTIONS ARISING FROM ESTABLISHING THE NEW SYSTEM

  * Who besides patient has REA
                                          DING / WRIT         ING RIGHTS ? These
  •      administrative stuff at                                                          are:
                                 Health Insurance Inst
        companies                                        itute of Slovenia and co
                                                                                  mmercial insurance
  •     personal doctor (gener
                                  al practitioner, dentist
  •     doctor on secondary                               , gynecologist, pediatric
                               and tertiary level,                                  ian),
 •      administrative stuff at
                                health care provider (re
 •     psychologist, ambula                                ception service),
                               nce car driver, physio
•      coordinator for transpl                         therapist
                                antation procedure
•      pharmacist, pharmac
                              eutical technician
•      optician, funeral direct
                                or
Do they really need
                            access to ALL PERS
                                                      ONAL DATA from ce
                                                                        nt          ral database?
                  NO!
 Therefore a MODULAR ACCESS is
             established!
 (each person has access only to the
  personal data that are necessary or
               needed)
  MAIN PURPOSE
STAYS THE SAME



                                                            Right of a patient to
                                                         be informed on his/her
   Accuracy and up-to-                                   own personal data (IC is
datedness of personal data                               access key to his/her own data)


                                         Wider sets of
                                                             Simplifying
                                      data / more
                                                         procedures for accessing
                                      insurance and
          Prevention of                                  to personal data
                                      health data
       unauthorized use of health
       care service in the event of
       non-arranged insurance                    OFFERS A WHOLE VARIETY
                                               OF NEW APPLICATIONS
                                                                   • PERSONAL DIGITAL
                                                               .     CERTIFICATE
                                                                         Personal and professional card will
    • e - DOCUMENTS                                                      contain a personal digital certificate


                  Professional card will contain a
                  digital certificate for secure                   •   BASIS FOR DATA EXSCHANGE
                  electronic signing of health care                    BETWEEN HEALTH CARE
                  documents (prescriptions, orders,
                  medical referrals…)                                  PROVIDERS
                                                                                              First stage of Electronic
Prescriptions will not be issued in                                                           Health Record
paper form any more!


    • NEW DATA SET BY                                              • INSURANCE CARD WILL BE
      PATIENT`S RIGHTS ACT                                           COMBINED WITH
                                                                     PERSONAL
DURABLE POWER
OF ATTORNEY FOR
                                                                     IDENTIFICATION CARD
HEALTH CARE
                           LIVING WILL                                 (“Two in one”)
                                            PROHIBITION OF
                                            GIVING A CONSENT
                                            BY PEOPLE
                                            AUTHORISED BY
                                            LAW
                                                                   Identity Card Act allows
                 Picture                                           photocopying of identity card to
                       ily Name,
         N ame, Fam                                                certain data controllers (…)
                 Address             er
                           tion Numb
     Persona  l Identifica         insurance
                      r of health                                    Act on Patients Rights allows
           on numbe
Registrati                                                           access to registration number of
                                                                     health insurance of third
                                                                     persons who are on the waiting
                                                                     list for doctors appointment or
                                                                     surgery etc.

   This means that Registration number of health insurance will be accessible to wide range of individuals allowing
   identification of the holder of specific health insurance number (that are on the waiting list).

   This is against the purpose of the Act on Patients Rights. How to solve this problem?
    Data protection related
• Access also through identity card
• Which data should be seen on the card
• How will the security be technically assured
• Who has access to which data
• Should all data be registered (for example for all
  medicaments, not for HIV treatment drugs)
• Possibility of prohibiting access by the decision
  of the insured person
    Data protection –Working party 29
Working Document on the processing of personal data
relating to health in electronic health records (EHR)

• Respecting self determination
• Identification and authentication of patients and health
  care professionals
• Authorization for accessing EHR in order to read and
  write in EHR
• Use of EHR for other purposes
• Organizational structure of an EHR system
    Data protection –Working party 29
Working Document on the processing of personal data
relating to health in electronic health records (EHR)

• Categories of data stored in EHR and modes of their
  presentation
• International transfer of medical records
• Data security
• Transparency
• Liability issues
• Control mechanisms for processing data in EHR
    Data protection –Working party 29

• EHR systems additionally have the potential not only to
  process more personal data (e.g. in new contexts, or
  through aggregation)
• But also to make a patient’s data more readily available
  to a wider circle of recipients than before.
• The members of the Working Party are of the opinion
  that all data contained in medical documentation, in
  electronic health records and in EHR systems should be
  considered to be “sensitive personal data”.
              Directive 95/46/EC
Article 8 (3) allows for the processing of sensitive personal data
under three cumulative conditions:
• the processing of sensitive personal data must be “required”,
   and this processing
• takes place “for the purposes of preventive medicine, medical
   diagnosis, the provision of care or treatment or the
   management of health-care services” and the personal data in
   question
• “are processed by a health professional subject under
   national law or rules established by national competent bodies
   to the obligation of professional secrecy or by another person
   also subject to an equivalent obligation of secrecy”.
 Data protection –Working party 29
• Essential principle concerning access to an EHR must
  be that – apart from the patient himself – only those
  healthcare professionals/authorized personnel of
  healthcare institutions who presently are involved in the
  patient’s treatment may have access.
• If feasible and if possible – that is with a patient present
  and able to act – the patient should be given the chance
  to prevent access to his EHR data if he so chooses.
                Portorož Declaration
                www.ehealth2008.si
Three key initiatives must now begin to operate over the next
ten-year period:
• The first crucial area is the need to plan to deploy
   telemedicine and innovative ICT tools for chronic disease
   management.
• Second, but equally important, is the need to introduce an
   enhanced focus on new research opportunities.
• Third, is the need for a transparent legal framework. It would
   help to define the responsibilities, rights and obligations of all
   the different subjects involved in the eHealth process. Special
   attention should be paid to exploring existing legislation that
   affects eHealth significantly, especially the Data Protection
   Directive, e-Privacy Directive and e-Commerce Directive.
              Portorož Declaration
Combining standardization and safety in e-Health

The Commission plans to issue a recommendation on
cross-border interoperability of electronic health record
systems, laying out clear guidelines for arriving at the
keenly anticipated scenario of enabling patients to access
electronic health records anywhere any time. There is a
need to emphasize the improvement to patient safety that
ICT can facilitate, especially as a result of the enhanced
interoperability of systems.
Thank you!

www.ic-rs.si
(eng.)

www.ip-rs.si
(slo.)

				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:9
posted:2/26/2010
language:English
pages:23